chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
3ab4f49
)
sd-daemon: fix potential LISTEN_FDS overflow in sd_listen_fds()
author
Vito Caputo
<vito.caputo@coreos.com>
Tue, 3 Nov 2015 07:05:44 +0000
(23:05 -0800)
committer
Sven Eden
<yamakuzure@gmx.net>
Wed, 26 Apr 2017 10:58:55 +0000
(12:58 +0200)
src/libelogind/sd-daemon/sd-daemon.c
patch
|
blob
|
history
diff --git
a/src/libelogind/sd-daemon/sd-daemon.c
b/src/libelogind/sd-daemon/sd-daemon.c
index 172409b73a3b7e4d04b9edfbfb4358badf610bd9..3ea9764c45bd383ec24d9272ed9e3b8b61b5db4f 100644
(file)
--- a/
src/libelogind/sd-daemon/sd-daemon.c
+++ b/
src/libelogind/sd-daemon/sd-daemon.c
@@
-54,8
+54,7
@@
static void unsetenv_all(bool unset_environment) {
_public_ int sd_listen_fds(int unset_environment) {
const char *e;
_public_ int sd_listen_fds(int unset_environment) {
const char *e;
- unsigned n;
- int r, fd;
+ int n, r, fd;
pid_t pid;
e = getenv("LISTEN_PID");
pid_t pid;
e = getenv("LISTEN_PID");
@@
-80,17
+79,23
@@
_public_ int sd_listen_fds(int unset_environment) {
goto finish;
}
goto finish;
}
- r = safe_ato
u
(e, &n);
+ r = safe_ato
i
(e, &n);
if (r < 0)
goto finish;
if (r < 0)
goto finish;
- for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) n; fd ++) {
+ assert_cc(SD_LISTEN_FDS_START < INT_MAX);
+ if (n <= 0 || n > INT_MAX - SD_LISTEN_FDS_START) {
+ r = -EINVAL;
+ goto finish;
+ }
+
+ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++) {
r = fd_cloexec(fd, true);
if (r < 0)
goto finish;
}
r = fd_cloexec(fd, true);
if (r < 0)
goto finish;
}
- r =
(int)
n;
+ r = n;
finish:
unsetenv_all(unset_environment);
finish:
unsetenv_all(unset_environment);